CVE-2014-8835
CVE-2014-8835 affects Apple OS X prior to 10.10.2, where libxpc’s xpc_data_get_bytes does not verify the data type of a dictionary’s Attributes key, enabling a type-confusion path via crafted dictionaries to sysmond that can lead to arbitrary code execution. The documented impact is local to OS X...